<?php

/**
 * Bootstrap: define the class path, register the class autoloader and apply
 * the global input filtering for GET variables.
 *
 * @package ecv-ck
 */
// Directory that holds the autoloadable classes, resolved relative to this file.
// DS is not defined in this file; presumably the directory separator set by the
// including script - confirm it is defined before this file is loaded.
define('PATH_CLASSES', __DIR__ . DS . 'Classes');

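/**
 * Class autoloader.
 *
 * Maps a class name to PATH_CLASSES/<Class>/<Class>.class.php and includes
 * that file when it exists.
 *
 * The class name is concatenated into a filesystem path that is handed to
 * include, and autoloading can be triggered with strings that originate
 * outside the code base (class_exists(), dynamic instantiation,
 * unserialize()). Any name that is not a plain PHP identifier is therefore
 * refused before the path is built, so "..", "/", "\" or a NUL byte can never
 * reach the include. Namespaced names (containing "\") are consequently not
 * resolved by this loader.
 *
 * @param string $class Class name requested by the engine.
 *
 * @return false|null false when the class cannot be loaded, null after the include.
 */
function class_loader($class)
{
    // Identifier pattern as given in the PHP manual for valid class names.
    $is_identifier = is_string($class)
        && preg_match('/\A[A-Za-z_\x80-\xff][A-Za-z0-9_\x80-\xff]*\z/', $class) === 1;

    if (!$is_identifier)
    {
        // Answer exactly like a missing file so the response does not reveal
        // whether a name was rejected or simply not found.
        echo "class not found";
        return false;
    }

    $filename = $class . '.class.php';

    $file = PATH_CLASSES . DS .
        $class . DS .
        $filename;

    if (!file_exists($file))
    {
        // NOTE(review): this writes into the response body for every failed
        // lookup, including class_exists() probes; logging may be preferable.
        echo "class not found";
        return false;
    }
    include $file;
}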

// NOTE(review): passing null does not clear the autoloader stack. Per the PHP
// manual it registers the default spl_autoload() implementation, which resolves
// classes through include_path and, being registered first, runs ahead of
// class_loader. The second argument (throw) is ignored as of PHP 8.0.
// If the intent is to drop previously registered loaders, spl_autoload_functions()
// together with spl_autoload_unregister() is the API for that.
spl_autoload_register(null, false);
// Register the project's own loader.
spl_autoload_register('class_loader');

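/**
 * Sanitize a request value (e.g. a GET variable) in place.
 *
 * The value is HTML-escaped, trimmed and then checked against a character
 * allow-list. A value that fails the check is replaced by false.
 *
 * Caveats for callers:
 *  - Escaping runs before the allow-list, so any of & " ' < > becomes an
 *    entity containing ";", which the pattern does not permit. Such values
 *    are rejected, including "&" even though it is listed in the pattern.
 *  - The allow-list permits ".", "/" and "\", so sequences such as "../"
 *    pass. An accepted value is not safe to use as a file path, and it is
 *    not a substitute for parameterised SQL or context-specific output
 *    escaping.
 *
 * @param mixed $value Value to sanitize; overwritten with the cleaned string,
 *                     or with false when it is rejected.
 *
 * @return void
 */
function sanitize(&$value)
{
    // PHP parses "?a[]=1" into an array. htmlspecialchars() expects a string:
    // an array raises a TypeError on PHP 8 (a warning on earlier versions), so
    // a single crafted parameter would abort the request. Reject such values
    // the same way as any other value that fails the filter.
    if (!is_scalar($value))
    {
        $value = false;
        return;
    }

    // Escape HTML special characters
    $value_htmlspecialchars = htmlspecialchars((string) $value, ENT_QUOTES);
    // Strip leading and trailing whitespace
    $value_trimmed = trim($value_htmlspecialchars);
    // Only allow certain chars and letters in our GET Vars!
    // Could be a bit restrictive, but better safe than sorry.
    // filter_var() returns false when the pattern does not match.
    $value_filtered = filter_var(
        $value_trimmed, FILTER_VALIDATE_REGEXP,
        array(
        'options' => array(
            'regexp' => '/^[a-zA-Z0-9\\\.\/_\-&?]+$/'
        )
        )
    );
    $value = $value_filtered;
}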

// Run sanitize() over every value in $_GET, in place. Only values are
// processed: keys are not filtered, and $_POST, $_COOKIE and $_REQUEST are not
// touched here, so code reading request data from those still sees raw input.
// A value that sanitize() rejects stays in the array as false.
array_walk($_GET, 'sanitize');
